<%@ page contentType="text/html; charset=utf-8" language="java" import="java.sql.*" errorPage="" %>
<% //Grab the username and emp_id from the session
String emp_id=(String)session.getAttribute("emp_id");
int ei=Integer.parseInt(emp_id);
String user_name=(String)session.getAttribute("userName");
%>
<table width="400" align="center">
    <tr bgcolor="#EEEEEE" height="20px">
        <th colspan="2" scope="col"><%= user_name%> change ur password here</th>
    </tr>
    <form method="post" class="searchform" action="new_pass.jsp">
        <tr bgcolor="#FCFCFC">
            <td height="24">Old Password</td>
            <td><input name="old_pass" type="password" value="" size="25" maxlength="35" /></td>
        </tr>
        <tr bgcolor="#FFFFFF">
            <td>New Password</td>
            <td><input name="new_pass" type="password" value="" size="25" maxlength="35" /</td>
                   </tr>
        <tr bgcolor="#FCFCFC">
            <td>Re-type new password</td>
            <td><input name="new_re_pass" type="password" value="" size="25" maxlength="35" /</td>
                   </tr>
        
        <tr >
            <td><input type="hidden" name="uname" value="<%=user_name%>"/></td>
            <td>
                
                <p> <input type="submit" name="OK" class="button" value="Change Password" /></p>
            </td>
        </tr>
    </form>
</table>

<%/*
String query="update employee set employee.gender='"+egender+"',employee.phone='"+ephone +"' where employee.emp_id='"+ei+"'";

Connection db_conn = null;
Statement statement = null;
PreparedStatement pstmt;
ResultSet rs;
try{
Class.forName("com.mysql.jdbc.Driver");
String url= "jdbc:mysql://localhost:3306/db";
db_conn = DriverManager.getConnection( url,"root", "root" );
statement = db_conn.createStatement();
statement.executeUpdate(query);
db_conn.close();
} catch(SQLException e){
e.printStackTrace();
out.println("sql not found");
out.println(e);
} catch(ClassNotFoundException e){
e.printStackTrace();
out.println(e);
}*/
%>
